Skip to content
/ Mystique Public
forked from machosec/Mystique

PowerShell module to play with Kerberos S4U extensions

License

MIT license
23 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cyberark/Mystique

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
LICENSE
LICENSE
 
 
Mystique.ps1
Mystique.ps1
 
 
Mystique.psd1
Mystique.psd1
 
 
Mystique.psm1
Mystique.psm1
 
 
README.md
README.md
 
 

Repository files navigation

Mystique

PowerShell tool to play with Kerberos S4U extensions

This module can assist blue teams to identify risky Kerberos delegation configurations as well as red teams to impersonate arbitrary users by leveraging KCD with Protocol Transition

Usage

Install the module

Import-Module .\Mystique.psm1

Or just load the script (you can also IEX from web)

. .\Mystique.ps1

Make sure Set-ExecutionPolicy is Unrestricted or Bypass

Get information about a function

Get-Help Find-DelegationAccounts -Full

All fucntions also have -Verbose mode

Functions

Add-SeTcbPrivilege      - Adds the "act as part of the operating system" (SeTcbPrivilege) privilege to a user
Find-DelegationAccounts - Find accounts that are trusted for Kerberos delegation
Get-CurrentIdentity     - Retreives information about the current identity
New-Impersonation       - Impersonate a user using Protocol Transition
Read-DelegatedFlag      - Checks if a user or users in a specific group can be delegated
Undo-Impersonation      - Reverts an impersonated session to the original account

About

PowerShell module to play with Kerberos S4U extensions

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

23 stars

Watchers

17 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell 100.0%